Red Hat Bugzilla – Bug 327791
CVE-2007-5269 libpng DoS via multiple out-of-bounds reads
Last modified: 2007-11-30 17:12:18 EST
+++ This bug was initially created as a clone of Bug #324771 +++
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-5269 to the
Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21
allow remote attackers to cause a denial of service (crash) via
crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3)
tEXt (png_push_read_tEXt), (4) iTXt (png_handle_iTXt), and (5) ztXT
(png_handle_ztXt) chunking in PNG images, which trigger out-of-bounds
libpng10 in FC-6 and F-7 is < 1.0.29 at the moment.
libpng10-1.0.29-1.fc7 has been pushed to the Fedora 7 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
su -c 'yum --enablerepo=updates-testing update libpng10'
libpng10-1.0.29-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
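To confirm that a host picked up the fixed package, the installed version can be compared with the ranges in the CVE text above. The script below is an added example, not part of this bug report or of libpng; the function names ver_lt and libpng_status are made up for it, and it encodes only the two ranges quoted above (before 1.0.29, and 1.2.x before 1.2.21).

```shell
#!/bin/sh
# Added example: classify a libpng version string against the affected
# ranges quoted in the CVE-2007-5269 description on this page.
# Get the installed version with, for example:
#   rpm -q --qf '%{VERSION}\n' libpng10

# ver_lt A B: succeed if dotted numeric version A is lower than B.
ver_lt() {
    a=$1
    b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}
        y=${b%%.*}
        # A missing component counts as 0, so 1.2 compares as 1.2.0.
        if [ "${x:-0}" -lt "${y:-0}" ]; then return 0; fi
        if [ "${x:-0}" -gt "${y:-0}" ]; then return 1; fi
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 1    # equal versions are not "lower"
}

# libpng_status VERSION: print affected, fixed, not-listed or unknown.
libpng_status() {
    v=$1
    # Accept plain dotted numbers only; suffixes such as "rc1" or "beta"
    # are reported as unknown instead of being guessed at.
    case $v in
        ''|*[!0-9.]*|.*|*.|*..*) echo unknown; return 0 ;;
    esac
    case $v in
        1.2|1.2.*)      # "1.2.x before 1.2.21"
            if ver_lt "$v" 1.2.21; then echo affected; else echo fixed; fi ;;
        0.*|1.0|1.0.*)  # "libpng before 1.0.29"
            if ver_lt "$v" 1.0.29; then echo affected; else echo fixed; fi ;;
        *)              # series the CVE text on this page does not name
            echo not-listed ;;
    esac
}

# Stand-alone use: sh check.sh 1.0.28
if [ $# -gt 0 ]; then
    libpng_status "$1"
fi
```

A result of not-listed means only that the version falls outside the two ranges named in this report, not that it was checked against anything else.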